<?php

/**
 * 首信易（跨境）支付插件
 * ============================================================================
 * * 版权所有  广州多想网络科技公司，并保留所有权利。
 * 网站地址: http://www.duoxiangweb.com；
 * ----------------------------------------------------------------------------
 * 这不是一个自由软件！您只能在不用于商业目的的前提下对程序代码进行修改和
 * 使用；不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
 * $Author: xie $
 * $Id: payease.php  $
 */
 

// Refuse to run unless IN_ECS is defined (presumably by the application bootstrap),
// so the file cannot be requested directly.
if (defined('IN_ECS') === false)
{
    die('Hacking attempt');
}

// Language pack for this module, located under the shop's configured language.
// NOTE(review): the configured language is concatenated into an include path;
// confirm it is restricted to known language directory names where it is written.
$payment_lang = ROOT_PATH . 'languages/' . $GLOBALS['_CFG']['lang'] . '/payment/cappay.php';

// Load the pack only when one exists for that language.
if (file_exists($payment_lang))
{
    // Bring the global $_LANG into the current scope before including the pack
    // (presumably the pack adds its entries to it).
    global $_LANG;

    include_once $payment_lang;
}

/**
 * Module registration.
 *
 * When the including script sets $set_modules, append this module's descriptor
 * to $modules and return from the include.
 */
if (!empty($set_modules))
{
    // Next free slot: after the existing entries, or 0 when none exist yet.
    if (isset($modules))
    {
        $i = count($modules);
    }
    else
    {
        $i = 0;
    }

    /* Module code */
    $modules[$i]['code'] = 'payease';

    /* Key of the language entry that holds the description */
    $modules[$i]['desc'] = 'payease_desc';

    /* Cash on delivery supported? */
    $modules[$i]['is_cod'] = '0';

    /* Online payment supported? */
    $modules[$i]['is_online'] = '1';

    /* Author */
    $modules[$i]['author'] = 'xie';

    /* Website */
    $modules[$i]['website'] = 'http://www.beijing.com.cn';

    /* Version */
    $modules[$i]['version'] = 'V1.0';

    /* Configuration fields: merchant account and signing key */
    $modules[$i]['config'] = array(
        array('name' => 'cappay_account', 'type' => 'text', 'value' => ''),
        array('name' => 'cappay_key', 'type' => 'text', 'value' => '')
    );

    return;
}

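/**
 * PayEase (cross-border) payment module.
 *
 * get_code() renders the signed form that posts the order to the gateway and
 * respond() verifies the callback the gateway sends back through the browser.
 * Both directions are authenticated with HMAC-MD5 under the merchant key taken
 * from the module configuration (cappay_key).
 */
class payease
{
    /**
     * Constructor; delegates to the same-named initialiser below.
     */
    function __construct()
    {
        $this->payease();
    }

    /**
     * Empty initialiser carrying the class's own name (PHP 4 constructor style).
     */
    function payease()
    {
    }

    /**
     * Build the HTML payment form for an order.
     *
     * Every dynamic value is HTML-escaped before it is placed in an attribute:
     * the phone number, ID number and other order fields come from customer
     * input and were previously concatenated into the markup unescaped.
     * Escaping does not change what the browser submits, so the signature
     * computed over the raw values still matches.
     *
     * @param   array   $order      order record (mobile, order_amount, add_time,
     *                              order_id, credit_card, consignee are read)
     * @param   array   $payment    payment configuration (cappay_account, cappay_key)
     *
     * @return  string  HTML of the payment form
     */
    function get_code($order, $payment)
    {
        $v_mid = trim($payment['cappay_account']);

        // The recipient name, address and postcode are all filled with the merchant id.
        $v_rcvname     = $v_mid;
        $v_rcvaddr     = $v_mid;
        $v_rcvtel      = $order['mobile'];
        $v_rcvpost     = $v_mid;
        $v_amount      = $order['order_amount'];
        $v_ymd         = local_date('Ymd', $order['add_time']);
        $v_orderstatus = '1';
        $v_ordername   = $v_rcvname;
        $v_moneytype   = '0';
        $v_url         = return_url(basename(__FILE__, '.php'));
        $v_producttype = urlencode("货物贸易");
        $v_idtype      = '01';

        // Identity data is taken from the order only; literal test identities
        // must not be kept in this file, not even in commented-out lines.
        // NOTE(review): the ID number is rendered into the page as a hidden field,
        // so the page carrying this form should not be cached or logged.
        $v_idnumber  = $order['credit_card'];
        $v_idname    = urlencode($order['consignee']);
        $v_idcountry = '156';
        $v_idaddress = '';
        $v_userref   = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : '';

        // Merchant signing key; must match the key configured in the merchant back office.
        $MD5Key = trim($payment['cappay_key']);

        // The order id goes into a script expression and is parsed back out of
        // v_oid by respond(), so force it to an integer.
        $order_id = (int) $order['order_id'];
        $v_oid    = "$v_ymd-$v_mid-" . local_date('His') . "-" . $order_id;

        // Signature over the raw (unescaped) values.
        $sourcedata = $v_moneytype . $v_ymd . $v_amount . $v_rcvname . $v_oid . $v_rcvname . $v_url;
        $v_md5info  = $this->hmac_md5($MD5Key, $sourcedata);

        // v_oid is placed inside a script expression inside an HTML attribute:
        // encode it as a JS string literal first, then HTML-escape the result.
        $js_oid = json_encode((string) $v_oid);
        if ($js_oid === false)
        {
            $js_oid = '""';
        }

        $def_url  = '<form method=post style="text-align:center;" onsubmit="return setPpsn('.$this->_esc($js_oid).','.$order_id.');" action="https://pay.yizhifubj.com/customer/gb/pay_bank.jsp" target="_blank">';
        $def_url .= "<input type= 'hidden' name = 'v_mid'     value= '".$this->_esc($v_mid)."'>";     // merchant number
        $def_url .= "<input type= 'hidden' name = 'v_oid'     value= '".$this->_esc($v_oid)."'>";         // order number
        $def_url .= "<input type= 'hidden' name = 'v_rcvname' value= '".$this->_esc($v_rcvname)."'>";     // recipient name
        $def_url .= "<input type= 'hidden' name = 'v_rcvaddr' value= '".$this->_esc($v_rcvaddr)."'>";     // recipient address
        $def_url .= "<input type= 'hidden' name = 'v_rcvtel'  value= '".$this->_esc($v_rcvtel)."'>";     // recipient phone
        $def_url .= "<input type= 'hidden' name = 'v_rcvpost'  value= '".$this->_esc($v_rcvpost)."'>";    // recipient postcode
        $def_url .= "<input type= 'hidden' name = 'v_amount'   value= '".$this->_esc($v_amount)."'>";     // order total
        $def_url .= "<input type= 'hidden' name = 'v_ymd'      value= '".$this->_esc($v_ymd)."'>";        // order date
        $def_url .= "<input type= 'hidden' name = 'v_orderstatus' value ='".$this->_esc($v_orderstatus)."'>";              // fulfilment status
        $def_url .= "<input type= 'hidden' name = 'v_ordername'   value ='".$this->_esc($v_ordername)."'>"; // orderer name
        $def_url .= "<input type= 'hidden' name = 'v_moneytype'   value ='".$this->_esc($v_moneytype)."'>"; // currency: 0 = RMB, 1 = USD
        $def_url .= "<input type= 'hidden' name = 'v_url' value='".$this->_esc($v_url)."'>";             // URL the gateway returns to after payment; the result is sent by GET
        $def_url .= "<input type= 'hidden' name = 'v_md5info' value='".$this->_esc($v_md5info)."'>";              // order signature
        $def_url .= "<input type= 'hidden' name = 'v_producttype'   value='".$this->_esc($v_producttype)."'>";
        $def_url .= "<input type= 'hidden' name = 'v_idtype'   value='".$this->_esc($v_idtype)."'>";
        $def_url .= "<input type= 'hidden' name = 'v_idnumber'   value='".$this->_esc($v_idnumber)."'>";
        $def_url .= "<input type= 'hidden' name = 'v_idname'   value='".$this->_esc($v_idname)."'>";
        $def_url .= "<input type= 'hidden' name = 'v_idcountry'   value='".$this->_esc($v_idcountry)."'>";
        $def_url .= "<input type= 'hidden' name = 'v_idaddress'   value='".$this->_esc($v_idaddress)."'>";
        $def_url .= "<input type= 'hidden' name = 'v_userref'   value='".$this->_esc($v_userref)."'>";
        $def_url .= "<style>.payease-table td{padding:5px;}.payease-table img{vertical-align: middle;margin-left:5px;}</style>";
        $def_url .= '<table class="payease-table" border="1" cellpadding="4" cellspacing="1" align="center" style="width: 98%;margin: 10px auto;">
      <tr bgcolor="#f7f7f7">
      <td align="center" colspan="2"><font style="color: #5cb5e3;font-size: 14px;font-weight: bold;">选择您的银行卡</font></td>
      </tr>
      <tr bgcolor="#FFFFFF">
	  <td><input type="radio" id="pi3" name="v_pmode" value="3" checked="checked"/><label for="pi3"><image border=0 src="images/images/CMBC.jpg" height=20 width=100></label></td>
	  <td><input type="radio" id="pi4" name="v_pmode" value="4" /><label for="pi4"><image border=0 src="images/images/CBC.jpg" height=20 width=100></label></td>
      </tr>
       <tr bgcolor="#FFFFFF">
      <td><input type="radio" id="pi9" name="v_pmode" value="9" /><label for="pi9"><image border=0 src="images/images/ICBC.jpg" height=20 width=100></label></td>
	  <td><input type="radio" id="pi14" name="v_pmode" value="14" /><label for="pi14"><image border=0 src="images/images/PAB.jpg" height=20 width=100></label></td>
      </tr>
       <tr bgcolor="#FFFFFF">
       <td><input type="radio" id="pi33" name="v_pmode" value="33" /><label for="pi33"><image border=0 src="images/images/CIB.jpg" height=20 width=100></label></td>
	  <td><input type="radio" id="pi69" name="v_pmode" value="69" /><label for="pi69"><image border=0 src="images/images/SPDB.jpg" height=20 width=100></label></td>
      
      </tr>
       <tr bgcolor="#FFFFFF">
	  <td><input type="radio" id="pi74" name="v_pmode" value="74" /><label for="pi74"><image border=0 src="images/images/CEB.jpg" height=20 width=100></label></td>
      <td><input type="radio" id="pi83" name="v_pmode" value="83" /><label for="pi83"><image border=0 src="images/images/CBB.jpg" height=20 width=100></label></td>
      </tr>
       <tr bgcolor="#FFFFFF">
	  <td><input type="radio" id="pi67" name="v_pmode" value="67" /><label for="pi67"><image border=0 src="images/images/BOC.jpg" height=20 width=100></label></td>
      <td><input type="radio" id="pi126" name="v_pmode" value="126" /><label for="pi126"><image border=0 src="images/images/UnionPay.jpg" height=20 width=100></label></td>
      </tr>
  </table>';
        $def_url .= "<input class='c-btn3' type='submit' value='立刻支付'>";

        $def_url .= '</form>';

        return $def_url;
    }

    /**
     * Handle the gateway's callback.
     *
     * The request is accepted only when a merchant key is configured and both
     * MACs (v_md5info over oid/status/string/mode, v_md5money over
     * amount/currency) match in a constant-time comparison.  On status '20' the
     * order whose id is the fourth dash-separated part of v_oid is set to
     * PS_PAYING.
     *
     * NOTE(review): v_md5money is not bound to v_oid and the callback amount is
     * never compared with the order's stored amount; confirm that comparison
     * happens before the order is finally marked as paid.  The v_sign and v_mac
     * request fields are not verified here.
     *
     * @return  bool    true when the callback verified and reported status '20',
     *                  false otherwise
     */
    function respond()
    {
        $payment = get_payment(basename(__FILE__, '.php'));

        $v_oid       = $this->_request_value('v_oid');
        $v_pstatus   = $this->_request_value('v_pstatus');
        $v_pstring   = urldecode($this->_request_value('v_pstring'));
        $v_pmode     = urldecode($this->_request_value('v_pmode'));
        $v_amount    = $this->_request_value('v_amount');
        $v_moneytype = $this->_request_value('v_moneytype');
        $v_md5info   = $this->_request_value('v_md5info');
        $v_md5money  = $this->_request_value('v_md5money');

        // Trimmed exactly as in get_code(), so both directions use the same key.
        $MD5Key = isset($payment['cappay_key']) ? trim($payment['cappay_key']) : '';

        // Log only the named callback fields.  Dumping all of $_REQUEST can put
        // cookies in the file, and stored MAC values would let anyone who can
        // read the log replay a callback.
        // NOTE(review): the log lives under ROOT_PATH; make sure the web server
        // does not serve that directory.
        $logged = array(
            'v_oid'       => $v_oid,
            'v_pstatus'   => $v_pstatus,
            'v_pstring'   => $v_pstring,
            'v_pmode'     => $v_pmode,
            'v_amount'    => $v_amount,
            'v_moneytype' => $v_moneytype,
            'v_count'     => $this->_request_value('v_count'),
        );
        $this->_log(json_encode($logged));

        // Control characters are stripped so a crafted v_oid cannot forge log lines.
        $log_oid = preg_replace('/[\x00-\x1F\x7F]/', '', $v_oid);

        // Expected MACs over the received fields.
        $md5info_tem  = $this->hmac_md5($MD5Key, $v_oid . $v_pstatus . $v_pstring . $v_pmode);
        $md5money_tem = $this->hmac_md5($MD5Key, $v_amount . $v_moneytype);

        // An empty key would make both MACs computable by anyone, so it never verifies.
        $verified = $MD5Key !== ''
            && $this->_mac_equals($md5info_tem, $v_md5info)
            && $this->_mac_equals($md5money_tem, $v_md5money);

        if (!$verified)
        {
            $this->_log('['.$log_oid.']页面校验失败');
            return false;
        }

        if ($v_pstatus === '20')
        {
            // v_oid is "<ymd>-<mid>-<His>-<order_id>" as built by get_code();
            // only an all-digit fourth part is accepted as the order id.
            $oid_parts = explode('-', $v_oid);
            $order_id  = 0;
            if (isset($oid_parts[3]) && preg_match('/^[0-9]+$/D', $oid_parts[3]))
            {
                $order_id = (int) $oid_parts[3];
            }
            if ($order_id <= 0)
            {
                $this->_log('['.$log_oid.']页面校验失败');
                return false;
            }

            // NOTE(review): the update does not look at the current pay_status,
            // so a replayed callback would move an already-paid order back to
            // "paying"; consider guarding on the current status.
            $sql = "UPDATE ".$GLOBALS['ecs']->table('order_info').
            " SET pay_status = ".PS_PAYING." ".
            " WHERE order_id=".$order_id;
            $GLOBALS['db']->query($sql);

            return true;
        }

        if ($v_pstatus === '30')
        {
            $this->_log('['.$log_oid.']页面支付失败');
            return false;
        }

        // Any other status: the payment is still pending.
        echo 'waiting';

        return false;
    }

    /**
     * Compute the HMAC-MD5 of $data under $key as a lowercase hex string.
     *
     * Uses hash_hmac() when available and falls back to mhash or to a manual
     * RFC 2104 construction on installations without it.
     *
     * @param   string  $key    secret key
     * @param   string  $data   message to authenticate
     *
     * @return  string  32-character hex digest
     */
    function hmac_md5($key, $data)
    {
        $key  = (string) $key;
        $data = (string) $data;

        if (function_exists('hash_hmac'))
        {
            return hash_hmac('md5', $data, $key);
        }

        if (extension_loaded('mhash'))
        {
            return bin2hex(mhash(MHASH_MD5, $data, $key));
        }

        // RFC 2104 HMAC implementation for php. Hacked by Lance Rushing
        $b = 64;
        if (strlen($key) > $b)
        {
            $key = pack('H*', md5($key));
        }
        $key  = str_pad($key, $b, chr(0x00));
        $ipad = str_pad('', $b, chr(0x36));
        $opad = str_pad('', $b, chr(0x5c));

        $k_ipad = $key ^ $ipad;
        $k_opad = $key ^ $opad;

        return md5($k_opad . pack('H*', md5($k_ipad . $data)));
    }

    /**
     * Escape a value for use inside a quoted HTML attribute.
     *
     * @param   mixed   $value  value to escape (cast to string)
     *
     * @return  string  escaped text; assumes the page is served as UTF-8
     */
    function _esc($value)
    {
        // ENT_SUBSTITUTE (PHP 5.4+) keeps the rest of a value that holds invalid bytes.
        $flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

        return htmlspecialchars((string) $value, $flags, 'UTF-8');
    }

    /**
     * Read one request parameter as a string.
     *
     * @param   string  $name   parameter name
     *
     * @return  string  the value, or '' when it is missing or not a string
     */
    function _request_value($name)
    {
        if (isset($_REQUEST[$name]) && is_string($_REQUEST[$name]))
        {
            return $_REQUEST[$name];
        }

        return '';
    }

    /**
     * Compare a computed MAC with a received one in constant time.
     *
     * A loose == on hex digests can treat two different "0e…" strings as equal
     * numbers, and its running time depends on where the strings first differ.
     *
     * @param   string  $expected   MAC computed locally
     * @param   string  $actual     MAC taken from the request
     *
     * @return  bool    true only when both are identical non-empty strings
     */
    function _mac_equals($expected, $actual)
    {
        if (!is_string($expected) || !is_string($actual) || $actual === '')
        {
            return false;
        }

        if (function_exists('hash_equals'))
        {
            return hash_equals($expected, $actual);
        }

        // Fallback for PHP versions without hash_equals().
        $length = strlen($expected);
        if ($length !== strlen($actual))
        {
            return false;
        }
        $diff = 0;
        for ($i = 0; $i < $length; $i++)
        {
            $diff |= ord($expected[$i]) ^ ord($actual[$i]);
        }

        return $diff === 0;
    }

    /**
     * Append one timestamped line to the payment log.
     *
     * @param   string  $message    text to record after the timestamp
     *
     * @return  void
     */
    function _log($message)
    {
        $line = '【'.date('Y-m-d H:i:s').'】'.$message.PHP_EOL;
        file_put_contents(ROOT_PATH.'log/pay_log.txt', $line, FILE_APPEND | LOCK_EX);
    }

}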

?>